$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0da87c3-0506-4956-8446-99aab80b63d7.roa File: d0da87c3-0506-4956-8446-99aab80b63d7.roa (raw, json) Hash identifier: gcb1AapoUTv2/FOjdDvZZoyg0PB/SoR3sqndhuJnkI8= Subject key identifier: 88:39:69:C2:FF:0F:6C:60:89:49:F9:DE:AE:E3:5B:60:F3:01:F5:8F Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Certificate serial: 371405894BDFE50C15CCE437CBD8B6B6ADB8C198 Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0da87c3-0506-4956-8446-99aab80b63d7.roa Signing time: Wed 14 May 2025 00:30:19 +0000 ROA not before: Wed 14 May 2025 00:30:19 +0000 ROA not after: Wed 18 Jun 2025 23:59:59 +0000 asID: 16509 IP address blocks: 2406:daff:20c0::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dc5cb86a-b72d-4eca-b351-c500ace28c65.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 07 Jun 2025 20:08:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 37:14:05:89:4b:df:e5:0c:15:cc:e4:37:cb:d8:b6:b6:ad:b8:c1:98 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37 Validity Not Before: May 14 00:30:19 2025 GMT Not After : Jun 18 23:59:59 2025 GMT Subject: serialNumber=29e97066572585619701582b0768140456592bbf7efbab89465aad3169e0e3a6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:f4:4a:08:88:52:9f:31:4e:76:6b:dc:6f:26: e9:87:82:89:7b:7a:24:32:fd:52:16:73:ba:71:d9: ac:c6:af:4c:ea:32:bb:3e:7d:b9:ba:d7:25:9d:26: 87:69:4a:c7:79:8c:e1:68:8a:65:cd:bd:f3:6d:dd: d0:9c:eb:80:fe:ab:00:54:ec:cb:54:40:01:63:0c: 71:7b:d0:73:d5:cd:e3:ea:47:11:b8:ea:45:47:f4: 59:45:37:bf:cc:00:52:c9:87:d6:bc:d1:7b:cf:c3: ac:b6:f3:08:5e:67:87:b5:ba:a2:40:01:98:cd:64: f4:3c:02:60:79:6d:f3:5f:f1:e7:fd:10:9c:b3:08: 88:63:88:84:91:de:66:49:a7:a1:41:bc:2b:cd:15: a2:fd:71:94:ae:1e:27:0e:a3:67:c9:95:74:3d:2f: fd:cc:66:14:26:d6:bf:34:84:ec:0e:fa:d9:7e:79: c0:ef:28:7c:7d:b5:99:e1:12:ad:e8:47:cd:fe:cb: 05:81:4d:95:4a:ba:48:63:77:c9:c0:e8:73:46:54: 7b:8c:f0:b3:8c:15:81:f4:0b:73:18:3c:49:da:0d: cb:6d:cd:1a:d4:03:c2:dc:a6:83:79:f5:9a:c7:f6: dc:e9:b2:8c:4f:24:a6:51:ab:f6:d8:6d:0d:34:22: a3:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:39:69:C2:FF:0F:6C:60:89:49:F9:DE:AE:E3:5B:60:F3:01:F5:8F X509v3 Authority Key Identifier: keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer Subject Information Access: Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d0da87c3-0506-4956-8446-99aab80b63d7.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv6: 2406:daff:20c0::/48 Signature Algorithm: sha256WithRSAEncryption 2c:58:d7:25:9c:43:53:f7:1f:55:d4:a7:ea:32:e4:da:d3:1a: 36:4a:3b:7f:17:9e:db:fe:32:90:28:8c:7a:c6:c2:22:08:4e: e2:68:57:a4:d0:ac:56:3a:54:43:58:45:80:86:bf:80:9f:b9: db:0d:ab:1e:90:04:29:53:6f:11:8c:f1:2d:45:a2:cb:72:ae: 4f:38:9c:9b:6e:88:bb:6a:48:a8:c5:c0:6b:54:f7:04:bc:eb: 3b:8a:e8:df:01:5d:66:0e:c2:ce:af:dc:65:99:6f:27:9f:cf: 99:cc:24:56:25:44:f7:ef:61:66:c0:78:1b:c4:ff:9a:e3:c2: 8e:18:83:79:16:cf:54:8c:ac:e2:fb:58:e9:6b:35:c9:80:2f: af:02:4b:ae:4c:3d:d9:1f:0a:d0:64:88:b9:56:8b:3d:de:67: ae:92:44:8f:ae:48:52:36:ec:98:dd:52:72:33:21:f4:2c:26: 2a:dd:8f:c5:02:01:79:53:f7:4c:7c:82:3a:ce:86:3b:dc:60: 48:c8:ff:7c:8d:f3:52:70:12:c1:e6:39:50:fc:47:0b:b8:51: 4d:ae:2a:aa:53:31:74:b2:39:cf:89:5a:44:80:37:f2:f0:c5: 52:96:48:c6:9c:51:e4:8b:be:7e:e0:5b:1f:76:6a:d9:18:ed: 06:40:47:c8 -----BEGIN CERTIFICATE----- MIIFnzCCBIegAwIBAgIUNxQFiUvf5QwVzOQ3y9i2tq24wZgwDQYJKoZIhvcNAQEL BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0 RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMzAxOVoX DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAMjllOTcwNjY1NzI1ODU2MTk3MDE1 ODJiMDc2ODE0MDQ1NjU5MmJiZjdlZmJhYjg5NDY1YWFkMzE2OWUwZTNhNjEtMCsG A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvRKCIhSnzFOdmvcbybph4KJe3ok Mv1SFnO6cdmsxq9M6jK7Pn25utclnSaHaUrHeYzhaIplzb3zbd3QnOuA/qsAVOzL VEABYwxxe9Bz1c3j6kcRuOpFR/RZRTe/zABSyYfWvNF7z8OstvMIXmeHtbqiQAGY zWT0PAJgeW3zX/Hn/RCcswiIY4iEkd5mSaehQbwrzRWi/XGUrh4nDqNnyZV0PS/9 zGYUJta/NITsDvrZfnnA7yh8fbWZ4RKt6EfN/ssFgU2VSrpIY3fJwOhzRlR7jPCz jBWB9AtzGDxJ2g3Lbc0a1APC3KaDefWax/bc6bKMTySmUav22G0NNCKjVwIDAQAB o4ICSzCCAkcwHQYDVR0OBBYEFIg5acL/D2xgiUn53q7jW2DzAfWPMB8GA1UdIwQY MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx L2QwZGE4N2MzLTA1MDYtNDk1Ni04NDQ2LTk5YWFiODBiNjNkNy5yb2EwgZUGA1Ud HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1 MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP BAIAAjAJAwcAJAba/yDAMA0GCSqGSIb3DQEBCwUAA4IBAQAsWNclnENT9x9V1Kfq MuTa0xo2Sjt/F57b/jKQKIx6xsIiCE7iaFek0KxWOlRDWEWAhr+An7nbDasekAQp U28RjPEtRaLLcq5POJybboi7akioxcBrVPcEvOs7iujfAV1mDsLOr9xlmW8nn8+Z zCRWJUT372FmwHgbxP+a48KOGIN5Fs9UjKzi+1jpazXJgC+vAkuuTD3ZHwrQZIi5 Vos93meukkSPrkhSNuyY3VJyMyH0LCYq3Y/FAgF5U/dMfII6zoY73GBIyP98jfNS cBLB5jlQ/EcLuFFNriqqUzF0sjnPiVpEgDfy8MVSlkjGnFHki75+4FsfdmrZGO0G QEfI -----END CERTIFICATE-----Generated at Tue Jun 3 23:38:52 2025 by rpki-client